Barracuda, a provider of cloud-first security solutions, has announced the addition of Zero Trust Access to its email protection suite. The new capabilities allow customers to control and manage access to email systems and Microsoft 365 applications on a need-to-know basis, providing an additional layer of security for their businesses.

With the accelerated migration of workloads to Microsoft 365, the attack surface for today’s businesses has expanded. Securing workloads for collaboration tools such as OneDrive, SharePoint, and Teams requires security strategies built for the cloud. 

A robust email security approach is critical because attackers try to move laterally through the Microsoft 365 environment and access other applications and data when an account is compromised.

Barracuda Email Protection Premium Plus, now with Zero Trust Access included, hardens the Microsoft 365 environment by continuously verifying and only allowing the right users to access specified resources. 

Conditional, time-based, and context-based access policies for Microsoft 365 email and applications can reduce the attack surface and business compliance risks.

“Barracuda Email Protection with Zero Trust security provides complete protection for Microsoft 365, improving resiliency and security,” says Don MacLennan, SVP, Engineering and Product Management, Email Protection, Barracuda. 

“For organisations that need to protect their businesses, brands, and people against the most advanced email-borne threats, Barracuda Email Protection is a comprehensive, easy-to-use solution.”

Sinan Eren, Vice President, Zero Trust Security, Barracuda, further explains, “There have been a bunch of recent, high-profile breaches that have successfully used a new technique called multi-factor authentication alerts (MFA) fatigue. Cybercriminals are taking advantage of people being overwhelmed by MFA, and paired with other threats such as credential theft, account takeover, and phishing.”

“Email is still a very important target because once attackers get access to an inbox and applications such as SharePoint and Teams, they can exploit the trust chain to get access to the network.”

“We can protect the email platform in itself through Zero Trust Access. Every device and every user that accesses the email infrastructure should be trusted, authenticated, and authorised. If that pair doesn't match, then you're not granted access."

“The beauty is that this eliminates the risk of credential theft. Even if an attacker compromises your username and password, even if they overwhelm you with MFA alerts and you accept their request, they still don't have the right device with the right identity. So they're not going to be able to log into your inbox. That's how we enhance customers’ security posture.”

Jamie Milliken, Systems Analyst at Gateway Mechanical, adds, “I was really impressed with Barracuda’s multilayered approach. They combine all the different functions needed to secure us against email threats. I also like the management interface. Even though it puts so many different capabilities at your fingertips, it’s clear and very easy to use.”

“The bundled capabilities in Barracuda Email Protection were just right for our needs. It’s the comprehensive, integrated security solution we needed for our Microsoft 365 deployment,” notes Andy Shotwell, Senior Vice President Bank of Botetourt.